|
|
|
|
Menu |
|
|
Home |
| |
|
Discussions |
| |
|
Tools |
| |
|
Affiliates |
| |
|
Content |
| |
|
Info |
| | |
|
|
|
|
|
User Info |
|
Membership:
Latest: MichaelSnaRe
New Today: 0
New Yesterday: 0
Overall: 9144
People Online:
Visitors: 71
Members: 0
Total: 71
|
|
|
|
|
|
Full disclosure |
|
|
|
|
|
|
|
|
|
IT Security and Insecurity Portal |
|
|
Where clause |
|
Posted: Thu Apr 17, 2008 11:14 pm |
|
|
Nial |
Advanced user |
|
|
Joined: Feb 29, 2008 |
Posts: 103 |
|
|
|
|
|
|
|
Hi all.
I was wondering how to use a where id=1 in sql injection? The "LIKE" is working for me for approximative data, but i dont know how to get only one row with a precise condition with the where id=1.
If you can help me, your welcome |
|
|
|
|
|
Re: Where clause |
|
Posted: Thu Apr 17, 2008 11:44 pm |
|
|
Oilik |
Active user |
|
|
Joined: Mar 05, 2008 |
Posts: 35 |
|
|
|
|
|
|
|
Nial wrote: | Hi all.
I was wondering how to use a where id=1 in sql injection? The "LIKE" is working for me for approximative data, but i dont know how to get only one row with a precise condition with the where id=1.
If you can help me, your welcome | It should be inside the code, like for page.asp?id=3, I'm guessing it's like:
SELECT * FROM hey WHERE id = 3
(I don't know SQL, that's my guess.)
So probably if it's not using PHP, enter page.asp?id=3;SELECT * FROM users, which should be (with ASP) executing:
SELECT * FROM hey WHERE id = 3
and
SELECT * FROM users, thus spitting out all of the table users.
Again, I am probably wrong, I don't know SQL. |
|
|
|
|
Posted: Fri Apr 18, 2008 7:38 am |
|
|
Nial |
Advanced user |
|
|
Joined: Feb 29, 2008 |
Posts: 103 |
|
|
|
|
|
|
|
My mistake, it was just the server which filtered some string. It is working now. |
|
|
|
|
www.waraxe.us Forum Index -> Sql injection
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
|
All times are GMT
Page 1 of 1
|
|
|
Powered by phpBB © 2001-2008 phpBB Group
|
|
|
|
|
|
|